feat(git-provider): improve sharing toggle and authorization checks

- Added loading state for the sharing toggle in the UI to prevent user interaction during processing. - Enhanced authorization logic in the API to ensure that both user and organization ownership are validated before allowing sharing of Git providers. - Improved error handling in the license key deactivation process to log failures for better debugging.
2026-06-15 20:25:23 +02:00 · 2026-04-03 14:38:14 -06:00
parent 4030049ee8
commit 38a711776b
3 changed files with 8 additions and 4 deletions
--- a/apps/dokploy/components/dashboard/settings/git/show-git-providers.tsx
+++ b/apps/dokploy/components/dashboard/settings/git/show-git-providers.tsx
@@ -47,7 +47,7 @@ export const ShowGitProviders = () => {
 	const { data, isPending, refetch } = api.gitProvider.getAll.useQuery();
 	const { mutateAsync, isPending: isRemoving } =
 		api.gitProvider.remove.useMutation();
-	const { mutateAsync: toggleShare } =
+	const { mutateAsync: toggleShare, isPending: isToggling } =
 		api.gitProvider.toggleShare.useMutation();
 	const url = useUrl();

@@ -184,6 +184,7 @@ export const ShowGitProviders = () => {
 																				<div className="flex items-center gap-1.5 mr-2">
 																					<Users className="size-4 text-muted-foreground" />
 																					<Switch
+																						disabled={isToggling}
 																						checked={
 																							gitProvider.sharedWithOrganization
 																						}
--- a/apps/dokploy/server/api/routers/git-provider.ts
+++ b/apps/dokploy/server/api/routers/git-provider.ts
@@ -50,7 +50,10 @@ export const gitProviderRouter = createTRPCRouter({
 		.mutation(async ({ input, ctx }) => {
 			const provider = await findGitProviderById(input.gitProviderId);

-			if (provider.userId !== ctx.session.userId) {
+			if (
+				provider.userId !== ctx.session.userId ||
+				provider.organizationId !== ctx.session.activeOrganizationId
+			) {
 				throw new TRPCError({
 					code: "UNAUTHORIZED",
 					message: "Only the owner can share this provider",
--- a/apps/dokploy/server/api/routers/proprietary/license-key.ts
+++ b/apps/dokploy/server/api/routers/proprietary/license-key.ts
@@ -145,8 +145,8 @@ export const licenseKeyRouter = createTRPCRouter({

 			try {
 				await deactivateLicenseKey(currentUser.licenseKey);
-			} catch (_) {
-				// Always clean up locally even if the license server is unreachable
+			} catch (err) {
+				console.error("Failed to deactivate license key remotely:", err);
 			}

 			await db